Justification of Hacking into Websites - Essay Example

AT&T‘s iPad’s Security Breach Introduction In June 2004, Apple suffered an embarrassment when a security breach exposed personal details of its iPad’s owners, among them influential politicians, businessmen, corporate CEOs, and the U.S military (Tate, 2011). This hacking was the work of a website security group called Goatse Security, which shared the iPad’s users IDs and personal information with a media firm called Gawker Media, LLC (Tate, 2011). However, the website security firm informed AT&T of the security breach, which was immediately rectified. Subsequent to this breach of AT&T’s security, a lot of security issues have since arisen for the firm and other computer security firms. In addition, many interested parties have questioned the justification of hacking activities as well as the role of ethical statements and policies of computer security firms, which promote activities such as website hacking. This paper explores the subjects of the possibility of the justification of hacking, computer security firms’ ethics that promote hacking, and the social responsibilities of media firms such as Gawkers Media LLC. Justification of Hacking into Websites Most hackers state that they hack into websites not as criminals but as interested parties seeking to identify flaws in computer systems or reveal certain information. By hacking, they claim, it becomes possible for computer security firms to prevent or rectify any damaging security leaks. However, due to the side effects of hacking and the damages it causes to computer firms’ images and business, questions have a risen on the issue of justification for hacking and activities. While others insist that hacking can never be justifiable, others believe it is a justifiable practice, depending on the reasons for which it is done (Harper’s Forum, 1999). Among the reasons cited for the justification of hacking are to improve the quality of computer/website products, for artistic expression, as political statements, and to uncover expose criminal activities such as corruption and other government or corporate malpractices. In hacking into technology companies such as AT&T, which deals with millions of peoples’ data worldwide, hackers believe they compel these companies to ensure that they have tamperproof systems that keep their clients’ data confidential. Therefore, hackers are watchdog for the public on the security weaknesses of technology firms. Hacking is thus justifiable since it addresses the vulnerabilities inherent in technology products that expose clients’ confidential information (Harper’s Forum, 1999). Hacking could also be justifiable if its exposes illegal political activities by discredited groups. In addition, hacking may be justified if it reveals certain publicly important information, which the public is denied by governments, organizations, or politicians. Importantly, hackers reveal malpractices and criminal activities that may be happening without the knowledge of the public and the law enforcement agencies. That is, when a hacker discovers the criminal operations of certain individuals or organizations and such reports are sent to law enforcers, that hacking is certainly justified since it benefits the society and does not harm the public or any private person in any way (Harper’s Forum, 1999). Various factors have been found to promote hacking activities. Among these factors are the various ethical statements by computer security firms. Corporate Ethics Statement That Promote Hacking The ethical issue regarding the freedom to access information is perhaps the number one motivator of hackers to indulge in their activities. In fact, the ethic on which hackers justify their actions is that they investigate issues, allowing every individual in the society to gain information and knowledge on the various hidden issues affecting their lives (Ermann, 1997). Once a corporate computer firm issues ethical statements that emphasize the sharing of information, hackers understand this freedom to encompass actions such as the use of codes and programs therein to access information that is stored in computer networks (Ermann, 1997). In this regard, hackers feel they have the unlimited rights to computer accounts, emails, and passwords for the various programs. The major problem of ethical statements that offer unregulated access to information is that the moment information is made free to the public; it is rarely claimed as property (Ermann, 1997). In the contemporary world therefore, corporate statement that promote freedom of information but do not have privacy safeguards for the computer security firms could be quite counterproductive to the firms. For the hacked information to reach the public, most hackers share such data with media firms, which should be socially responsible when handling these types of data. The Social Responsibility of Media Firms Media firms such as Gawker Media LLC to which the hacked AT&T iPad’s data was sent have certain social responsibilities to the public that they should uphold. Although the modern media culture emphasizes and reveres transparency and freedom to access information, accountability must also be incorporated into the actions of media firms. In other words, media organizations such as Gawker should be the stewards of the society, the environment much as they may be profit-oriented. To be better social and corporate citizens, media firms should not only commit to social responsibility but also lead in the implementation of long-term and positive visions for social responsibility. In this regard, media firms should listen to the communities they serve and learn to address the social needs of the community. Media firms should therefore be innovative enough in encouraging spontaneous change in the social well-being of the community they interact with. Importantly, there is need for proper communication practices between the firms and the community. As it turns out, good social accountability does well for any business. This assertion implies that media firms should invest in social responsibility. Responding to the public on issues such as security breaches is just one way by which computer security firms may show social responsibility. Factors to Consider When Responding To a Security Breach To prevent or manage future security breaches, the CEOs at AT&T and other computer security firms may consider some or all of the following factors. First, CEOs should ensure that their compliance documents to government standards on security are updated to protect the firm against regulatory actions such as litigations and fines. Second, CEOs must establish and identify response units for the different security breaches that their firms may encounter. Importantly, any damages due to breaches should be thoroughly assessed, the areas affected identified, and the potential effects on business quickly established followed by compensation where necessary (Schultz & Shumway, 2001). In addition, all the stakeholders should be notified in time of any security breaches and the countermeasures put in place. After the identification of the causes of a security breach, it is important that future occurrences and damages are minimized and the incident properly documented (Schultz & Shumway, 2001). Among the stakeholders to whom security breaches should be reported are customers. Below is an example of an email script informing the customers of AT&T on the security breach and the plan that would be used to resolve the issue. Email Script From: AT&T Subject: Security Breach and the Resolution Plan TO: Customers AT&T would like inform all its esteemed customers that it has encountered a security breach on its data and certain personal data on its iPad users have been hacked into. However, AT&T assures its customers that it will endeavor to deliver the best quality technological products to its customers worldwide. In addition, the firm is doing all it can to ensure that such breaches never recur. As a result of the security breach, AT&T could be assessed by the government and civil action could be brought against the firm. The department of Information Security Management and Compliance will competently represent the organization. Legal counsel will also be solicited as need may be, regarding any complaints or actions against the firm. Conclusion AT&T, just like many other computer security firms, has experienced its fair share of security breaches by hackers. In June 2004, AT&T’s iPad was hacked into by website hackers from a security firm known as Goatse, which shared the hacked information with Gawker Media LLC. The increased cases of high-profile hacking has resulted in heated debates on the justification of hacking. Supporters of hacking argue that hacking helps in the detection of criminal activities and other malpractices that the public may not come to know about. Ethics statements by computer technology firms, which promote access and freedom to information, have particularly been blamed for hacking as hackers feel justified in accessing even confidential information about individuals and organizations. It is therefore imperative that CEOs of computer security firms establish strategies to prevent and manage security breaches whenever they are likely to occur and once they occur. References Ermann, D. (1997). Computers, ethics, and society. New York: Oxford University Press. Harper’s Forum. (1999). Is computer hacking a crime? In Cyber Reader, edited by Victor Vitanza. Boston: Allyn and Bacon. Schultz, E. E., and Shumway, R. (2001). Incident response: a strategic guide to handling system and network security breaches. Sams. Tate, R. (2011). Apple’s Worst Security Breach: 114,000 iPad Owners Exposed. Retrieved on November 23, 2011 from http://gawker.com/5559346/. Read More